Explaining the Various VPN Protocols

Talk to someone.

Having some trouble? We’re here to help:

Explaining the various VPN encryption protocols

A ‘VPN Protocol’ is the set of procedures a VPN service uses to keep you protected online. There are several different types of VPN protocols to use, each with their own advantages. The following are the four most common types of VPN protocols used in business and home networks:


Originally developed by Open Source Software and published under the GNU license, OpenVPN was designed to serve as a free alternative to the SSTP protocol from Microsoft. The biggest advantage of this protocol, other than the fact that it is free, is that it is able to operate on a variety of different systems, including Linus, Mac OS, and Windows. In fact, OpenVPN is even able to function on some IP phones. OpenVPN actually shares some similarities with SSTP, including an OpenSSL encryption level that exceeds that of L2TP due to the fact that it operates on Layer 2 as well as Layer 3. OpenVPN also includes a number of additional features, such as IPX packets, transporting Ethernet frames, and NETBIOS functionality.

Unlike PPTP, OpenVPN can be operated across any port. It also can run over both UDP and TCP/IP network protocols. This means that the chances that a system administrator would block it are extremely unlikely. Additionally, OpenVPN is quite stable and fast. Even if there is a connection problem, the connection is not likely to be dropped, which means that your security and privacy can be maintained. Due to the many benefits that it offers, OpenVPN has won several awards, including Best SSL VPN and Best VPN Tool.

The Ghost Path VPN client utilizes OpenVPN connections and automagically handles all of the OpenVPN configuration. We prefer OpenVPN connections to our servers even if you're using third-party VPN clients.

Point To Point Tunneling Protocol (PPTP)

The Point-To-Point-Tunneling Protocol, frequently referred to as PPTP is often considered the most popular VPN protocol solution. One of the reasons that it tends to be so popular is the fact that most devices support it. Firewalls such as Cisco PIX, ISA Server, and Sonic Wall all recognize this protocol. Additionally, it is extremely easy to configure. Add in the fact that it offers low overhead for faster speed and it is easy why so many people prefer PPTP.

PPTP works by encrypting data through the use of a 128-bit key. In terms of VPN protocols, this does make PPTP weaker than other options in terms of security. Previously, PPTP has also suffered from other weaknesses, including a clear-text authentication. Due to that, PPTP is not commonly used for sensitive business communications.

With PPTP, it can be quite easy to get started because you can use something as simple as a username and a password for the required details. While ease of use is certainly an important advantage to PPTP, the low encryption can be a significant drawback for many users. If you are only going to use it for something that does not demand high security, such as streaming TV, then PPTP could be the right choice for your needs. You should be aware that some users have experienced issues with PPTP causing problems when the network they are attempting to access is not stable. When this is the case, the connection can be dropped without any warning. This could also be problematic if you are surfing a site where you want to remain anonymous. If your VPN connection is dropped, your IP address as well as your location could be revealed without you even knowing about it if the connection is dropped with no warning. In the event you are using a 3/4G network or a public network with a low signal, this could prove to be particularly problematic. You should also take into consideration that the ports used by PPTP can be blocked rather easily by a network administrator, in which case your PPTP service would be rendered useless.

While PPTP is often a good choice due to the fact that it is compatible to so many different systems and offers easy setup, it is important to carefully consider the issues related to unreliability and security if you have a serious concern regarding your privacy.

Layer 2 Tunneling Protocol (L2TP)

The official name for L2TP is Layer 2 Tunneling Protocol. It was created through a partnership between Microsoft and Cisco with the goal of establishing a VPN protocol that was more secure. Due to the fact that L2TP is used in conjunction with the IPSec protocol, it does provide more security than PPTP. IPSec offers enhanced security due to the use of more secure encryption algorithms Additionally, L2TP requires a pre-shared key or certificate for even more security. At the strongest level of encryption, 168-bit keys, two levels of authentication, and 3 DES (Triple Data Encryption Algorithm) encryption algorithm are used with L2TP. As a result, L2TP provides superior protection to prevent hackers from compromising a system. As with most things, there are some tradeoffs and in the case of L2TP that increased security comes at the price of increased overhead and a slower pace compared to PPTP.

One of the main benefits of this protocol is that like PPTP, it is available on a range of devices and systems, including MAC and Windows. Additionally, there is no software required. You can also make use of this protocol over various tablets and mobile phones.

Ghost Path no longer offers L2TP connections due to the increased overhead and relatively slower connection speeds.

Secure Socket Layer (SSL)

SSL is a VPN that works through your web browser. Whenever you visit a website where the URL starts with HTTPS:// instead of HTTP://, that means you are accessing the site through SSL. The main difference between SSL and other VPN protocols, is that you don’t need to download any software to run it, because it runs automatically on your browser. SSL is compatible with every current model of computer and operating system.

The Ghost Path team definitely recommends using OpenVPN as much as possible, but PPTP is a solid backup options for when OpenVPN isn't available, such as on mobile devices.